Technology blogger Robert Scoble wanted help moving contact information for his 5,000 Facebook friends into his Microsoft Outlook address book. He turned to Joseph Smarr, chief platform architect at Plaxo, a company in Mountain View, CA, that synchronizes contact information between Outlook, other desktop e-mail programs, and a number of Web services. Smarr gave Scoble a short program to test out, which automati­cally paged through Scoble’s Facebook connections and extracted the names, birthdays, and e-mail addresses of his friends.

There was just one problem. The program triggered alerts at Facebook, which disabled Scoble’s account. “My identity disappeared,” Scoble says. “If I was your friend, I turned gray–all my information went gray. ” Scoble was transformed from a man with a small town of Facebook friends into a nonperson.

The incident brought to a head a debate that had been raging for months behind the scenes at social-networking sites: who controls the data users post on their profiles? Advocates of so-called data portability, including Scoble and Smarr, say people should be able to transfer information easily in and out of any Web services they use. Facebook, on the other hand, says it needs to safeguard the information it stores so that it isn’t misused, and that means keeping tight control over users’ information. At stake is not simply the ease and security with which people move between social-networking sites but control of the currency that gives those sites their value: personal information.

Although Scoble’s trouble managing his 5,000 Facebook friends is an extreme example, similar problems are common. Many users have five or six online accounts that use social data–perhaps an e‑mail account, an instant-messenger service, a profile on a social network, a photo-sharing site, and a blog. “Every time you try to sign up for some new service, it acts like you’ve never used another website before,” says Smarr. “You have to create a new account and password from scratch. You have to fill in your profile all over again. You have to find all the people on that site that you know, reconnect with them, and reëstablish their relationship to you. I think this adds up to a huge burden, and a lot of people aren’t using or consuming from nearly as many of these sites as they could.”

Chris Saad, cofounder and chair of the nonprofit ­DataPortability Project, notes that many current methods of transferring data expose users to huge security risks. For example, it’s a common practice for social sites to ask users to submit the usernames and passwords for their Web-based e-mail accounts when they first sign up; an automated service can then search the network for people listed in their address books. “The door is open right now for any application that scrapes your Gmail address book to go ahead and scrape your shopping cart as well, or scrape your searches, or keep your username and password and pretend to be you,” says Saad. “It’s a nightmare of security, and it’s something we need to solve sooner rather than later.”

Though most experts perceive a need for an easier, more secure way for users to share data among social networks, there is little agreement on a solution. “Is it going to be the closed, walled garden of infrastructure, or the more open, distributed infrastructure of the Web itself?” asks Smarr. The answer to that question could determine whether social networks are dominated by a single company–and these days Facebook has the edge–or whether users will be able to jump around effortlessly among a slew of flourishing social sites, each with its own strengths and features.